1 - Private cloud, more secure.

2 - Public cloud, security is the responsibility of the provider.

Interestingly, I remember the first statement above being said in a meeting last week, and if you recall in my previous post I suggest security should be provided by Google. The article puts the security burden on both of us, which is correct, provided the Cloud Service Provider (CSP) enables the users to have the granularity needed to secure their data. I suspect CSPs are running into the same or similar problems as web hosting providers when public shared hosting first arrived.  

Still more work to do before I understand what the inherent risks and assumptions are with cloud security.